NCMS Society Holds Quarterly Business Meeting at Cisco Systems

Posted on 29, May | Posted by RMA

The NCMS Society of Industrial Security Professionals Carolina Chapter held is quarterly business meeting at Cisco Systems in Research Triangle Park on May 29, 2015. Christine Peterson, CPP, ISP and founding member of the chapter, attended the meeting which focused on Information Systems Security.

Mark Whitteker, MSIA, CISSP, ISP the Manager of Government Security & IT Services was the lead speaker at the daylong event. Utilizing his vast experience in IT infrastructure, security, and classified environments, Mark spoke to the attending members about IT security awareness, building a comprehensive security architecture framework, NIS and DFARS compliance, and lessons learned. The program was geared to companies with facility security clearances but many of the concepts were applicable to all security professionals and especially IT security professionals.

Continue reading

Kevin McQuade Attended ISC West

Posted on 16, Apr | Posted by RMA

Kevin McQuade attended the ISC West in Las Vegas on April 14 – 16 2015.

ISC West is the security industry’s premier launching pad for new products, solutions and technologies in the U.S. Each year, ISC West hosts over 1,000 international and domestic security product manufacturer companies and a recorded breaking 26,000 security professionals attended in Las Vegas.

Continue reading

RMA Exhibits at the IACLEA Southeast Regional Conference & the 15th Annual SCCLEA Linda B. Floyd Safety Conference hosted by Furman University

Posted on 2, Mar | Posted by RMA

RMA participated as an exhibitor at the IACLEA Southeast Regional Conference & the SCCLEA Safety Conference hosted by Furman University in Greenville, SC. The conference brought together over 250 campus law enforcement administrators from across the southeastern United States. The Director of University Police, Tom Saccenti and his staff provided all the participants with gracious southern hospitality with the beautiful Furman campus as a backdrop. This framework allowed the attendees to focus on the serious business of Leadership in a Crisis.

“Knowing how to respond quickly and efficiently in a crisis is critical to ensuring the safety of our schools and students. The midst of a crisis is not the time to start figuring out who ought to do what. At that moment, everyone involved – from top to bottom – should know the drill and know each other.”

Margaret Spellings
Secretary of Education, 2005-2009

Chief Michael Kehoe, Newtown, CT began his presentation with this quote which also captured the underlying themes that were a part of all the presentations on the first day of the conference. The IACLEA Southeast Region brought together a powerful group of presenters including:
• Retired Chief Wendell Flinchum, Virginia Tech Police Department 2006-2014
• Dr. Gene Deisinger, Ph.D. Executive officer, Virginia Tech Police Department
• Chief John DiFava , MIT Police Department
• Chief Michael Kehoe, Newtown, Connecticut
• Lt. Col. Dave Grossman

Each of these presenters shared, for the benefit of the audience, the “good, the bad, and the ugly” side of leading their department’s during a significant or a series of significant crisis. They took the audience through the details that they could share that formed the basis of the decisions that were made as the crisis situation unfolded. What they knew, what they didn’t know, lessons that were learned along the way, and changes they made to their response program after the fact. Each of the presenter’s shared common themes that they learned in response to a crisis including the need for a multi-disciplined approach that include but is not limited to:

• Relationships, build the network of diverse support before the event happens, reach out to your network during the crisis – ask for help from people you trust
• Develop a case management plan that is proactive, integrated, and adaptive
• Training, training, training and awareness are critical
• Prevent and mitigate
• Be prepared to monitor and reassess during the crisis continuously
• Assign scribes and capture as much as possible during the crisis, don’t rely on memory
• Communicate

Continue reading

RMA Awarded South Carolina Federal Credit Union Security Assessment Project

Posted on 24, Feb | Posted by RMA

RMA will perform a physical security assessment, including a threat assessment, of the South Carolina Federal Credit Union (SCFC) Corporate Office and 17 branches. Included in the assessment RMA will review existing security programs, security officer duties, reporting structure, and job descriptions. Members of the RMA Team will be traveling to 18 different sites in South Carolina to become familiar with SCFC security practices. RMA will complete a physical assessment, interviews and review security programs and security officer responsibilities at the corporate office as well as 17 branch offices.

South Carolina Federal is a community-chartered credit union with 17 branches and more than 50 ATMs throughout Charleston, Georgetown and Columbia. South Carolina Federal Credit Union offers a full range of financial services including savings and investments, checking, credit cards and loans.

Continue reading

Rusty Gilmore presents at the ProNet Systems Executive Briefing 2014

Posted on 17, Dec | Posted by RMA

ProNet Systems hosted their annual Executive Briefing on December 9th, at the City Club in Raleigh, NC. The event was titled, “Keeping up with Security Trends and Technologies. Some of the key speakers included:

  • Alan Jelley, ProNet Systems, Inc. – New Technology Advancements and Trends
  • Nathan Schroeder, Focus Sales; Ryan Bach, Avigilon – Totally Integrated Access & High Resolution Video
  • Rusty Gilmore, Computer Forensic Consultant, Risk Management Consultants – Hacking and Computer Security 101
  • Lou Tunno, HID – Latest Credential And Biometric Development The Smart Phone as a Credential
  • Nathan Schroeder, Focus Sales; Ryan Bach, Avigilon – Advances in High Definition Video and Video Analytics

Dana Frentz and Emily Liner of RMA attended the ProNet Systems seminar.

Continue reading

Kevin McQuade Attends Tyco Security Design Symposium

Posted on 25, Nov | Posted by RMA

Kevin McQuade, CPP of RMA attended the 2014 Tyco Security Design and Technology Symposium in Florida. This symposium was a three day event that focused on security related technology products offered by Tyco Security. The symposium focused on the Tyco technologies in intrusion detection, access control, real time location systems and video management systems. They also presented information pertaining to the Tyco Physical Security Information System (PSIM) and how multiple manufactures, not just Tyco security products are able to be monitored by a single user interface. The last presentation was a roadmap to where Tyco is headed in the future which a complete unification of their security products.

Continue reading

RMA Welcomes Michael Epperly as Director of Investigations

Posted on 30, Oct | Posted by RMA

Risk Management Associates, Inc. (RMA), recently reengaged Michael Epperly mre1.jpgto lead our investigations division. Michael previously served as RMA’s vice president and general counsel. Mike’s experience as a consultant, investigator and attorney make his addition a valuable asset to both RMA and its clients. Michael is a graduate of Campbell University and former law enforcement officer and will serve as our Director of Investigations, focusing on white collar crime, misappropriation, due diligence, compliance and ethics investigations and consulting.

Epperly, a native of Roanoke, Virginia, received his Juris Doctorate degree in 2002, and served in various investigative capacities in Virginia law enforcement before moving to North Carolina to begin his legal career. Prior to his hiring by RMA, Epperly worked for the NC Attorney General’s office and as the lead investigator for the NC Innocence Commission, where he investigated post-conviction claims of innocence by examining new evidence not presented at trial. Epperly also served as an intelligence officer in the US Navy.

“I am honored to once again be associated with RMA,” said Epperly. “RMA has a long history of superior investigative outcomes. Much of this success is directly attributable to the unrivaled skill and integrity of its people. RMA has a proud tradition of pairing each client with investigators and analysts who are uniquely qualified to deal with the issues at hand, and who also have the courage and integrity to report the truth – even when not favorable to the client. I intend to ensure that this tradition continues, and am both honored and humbled by this opportunity.”

Continue reading

Security Suggestions – The Cloud and Your Data

Posted on 1, Oct | Posted by Russell W. Gilmore, CISSP, CISM, EnCE

The CloudI am often asked to discuss IT and data security as it relates to storing data on the Cloud. Nine out of ten times I am asked two inevitable questions: “What is the Cloud?” and “Where is the Cloud?”. Hopefully I will answer these questions as I discuss ways to keep your data secure on the Cloud.

There are a number of services that allow you to store data on their servers. Examples of these for an individual or a small business are Dropbox, Sharefile, Google Mail, iCloud, Google Drive, Office 365, and many more. These services quite often are automatically connected to you by your smartphone, iPhone, laptop and/or your desktop computer once you initially login. Think about using your phone – you don’t have to type in a password to get your Gmail each time. As long as you can access the email app on your phone, you’re in. This is because you have instructed the app to trust your smartphone as a conduit to get your Gmail. This goes for almost any mail account you access from your device.

Go one step further and consider that you may have an account with Dropbox, Office 365, or Sharefile. The same concept applies – you have instructed the app to trust your smartphone as a conduit. To make matters worse, if you have these accounts available on your laptop or desktop they too are accessible without typing in a password once you have initially logged in. This is most often the case because we have instructed the app to remember our password.

Now that we understand – to just a small degree – what the Cloud is as it relates to most users and what as individuals we may have on the Cloud, let’s discuss how to keep it secure. First, don’t store sensitive information in the Cloud. I am not talking about using the online version of TurboTax, for example. I am referring to storing birth certificates, passports, and other scanned documents with sensitive information. There is nothing wrong with a safe deposit box for items like these.

Don’t use the same password for every account and change passwords regularly. I believe that password security is such an important issue I could write an entire topic on it. By using the same password for email, banking, computer login, online purchases, social media sites, and other activities, you jeopardize the security of all of your accounts if just one gets hacked. Hackers are smart enough to know that if your password to “website.com” is 12345678 and your user name to “website.com” is user@gmail.com, they will try and login to the Gmail account with the password they have uncovered. You should choose a random password and change it at least every 90 days if not sooner.

Consider reading the terms of service or user agreements to find out how the service works. This is very important if you intend to take advantage of a free 30-day trial. It is possible you will not have access to the data after 30 days without paying for the service. Think about encrypting your data or utilizing a service that includes encryption with data storage.

These are just a few suggestions for securing your data on the Cloud, and this is only a starting point.
I am not suggesting that no one should use the Cloud for storing data. For the most part, everyone who uses a computer, smartphone, or tablet is using the Cloud already. The Cloud can be an efficient way to centralize and share data with authorized users. I am suggesting you use it wisely, securely, and with the knowledge that you have done everything possible to protect the data you put on the Cloud.

Continue reading

ASIS Chapter 119 and Region 4B Women in Security Meeting

Posted on 10, Sep | Posted by RMA

The second quarterly ASIS Chapter 119 and Region 4B Women in Security meeting was hosted by Risk Management Associates on Wednesday, September 10, 2014. Anita Jelley of ProNet Systems was instrumental in setting the meeting. Russell Gilmore CISSP, CISM, EnCE of RMA gave an informative presentation on Computer Forensics. RMA had a big turnout of attendees that included Christine Peterson, Dana Frentz, and Tasha Dyson. Christine Peterson, provided registration/handouts to the group for the upcoming NC Piedmont Chapter 82 seminar being held October 27-28. For more information on ASIS Chapter 119 Women in Security, please contact Dana Frentz.

Continue reading

RMA attends Piedmont Advantage Credit Union Grand Opening

Posted on 14, Aug | Posted by RMA

RMA President, Christine Peterson attended the Grand Opening Celebration of Advantage Way, the new corporate headquarters and flagship branch of the Piedmont Advantage Credit Union in Winston-Salem, North Carolina on August 14, 2014. This flagship branch provides the credit union with the opportunity to better serve existing and future Members in Winston-Salem.

Continue reading